[krbdev.mit.edu #3502] Cannot acquire initiator cred using gss_acquire_cred with explicit name on Windows
Valerie Peng via RT
rt-comment at krbdev.mit.edu
Wed Mar 8 15:32:58 EST 2006
I downloaded kfw-3.0.0-final and unzipp'ed it under my personal
directory.
I have an app which will load the gssapi32.dll and dynamically
invoke various gss functions. So far things work fine except
this one problem with gss_acquire_cred that looks like a bug
in the MIT kerberos impl.
Here is what I tried:
=========================
major = gssIndicateMechs(&minor, &desired_mechs);
// gss_acquire_cred call#1
major = gssAcquireCred(&minor, GSS_C_NO_NAME, GSS_C_INDEFINITE,
desired_mechs, GSS_C_INITIATE, &credHdl, NULL, NULL);
major = gssInquireCred(&minor, credHdl, &nameHdl, NULL, NULL, NULL);
// gss_acquire_cred call#2
major = gssAcquireCred(&minor, nameHdl, GSS_C_INDEFINITE,
desired_mechs, GSS_C_INITIATE, &credHdl, NULL, NULL);
...
major = gssImportName(&minor, &nameVal, nameType, &nameHdl);
// gss_acquire_cred call#3
major = gssAcquireCred(&minor, nameHdl, 0, desired_mechs,
GSS_C_ACCEPT, &credHdl2, NULL, NULL);
=========================
#1 and #3 of the above gss_acquire_cred(...) calls succeed
while #2 hangs.
I checked the major/minor status after each gss calls and did
not observe any problem up until call#2. If I commented out #2,
my app will run to its completion.
Please fix this...
Thanks,
Valerie
More information about the krb5-bugs
mailing list